Port forwarding
Traffic Redirection
Traffic redirection allows you to change the destination address of forwarded packets.
Zone-to-Zone traffic
Firewall
Zone
Zones
Custom forwarding
The firewall creates zones over your network interfaces to control network traffic flow.
Advanced Rules
Advanced rules let you customize the firewall to your needs. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall.
Input Zone
Output Zone
Source address
Destination address
Source MAC-Address
Source port
Destination port
Action
accept
reject
drop
Source
Destination
Traffic Control
MSS-Correction
Drop invalid packets
Port forwarding allows to provide network services in the internal network to an external network.
External Zone
External port
port or range as first-last
Source address
Source MAC
Internal address
IP-Address
Internal port (optional)
port or range as first-last
Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS-Correction otherwise disable it for performance reasons.
Input
Output
Defaults
These are the default settings that are used if no other rules match.
SYN-flood protection
Incoming Traffic
Outgoing Traffic
Forwarded Traffic
Zones part the network interfaces into certain isolated areas to separate network traffic. One or more networks can belong to a zone. The MASQ-flag enables NAT masquerading for all outgoing traffic on this zone.
Incoming Traffic
Default Policy
Outgoing Traffic
Default Policy
Forwarded Traffic
Default Policy
MASQ
Networks
contained networks